Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
File:                     TuwmeuLxv5Xm16FCCA5d96MTlJI.mft (raw, json)
Hash identifier:          TlZEBsF7wkvj+/selsJkyzvKpJocaWWMKN1kOl68Eb4=
Subject key identifier:   EB:B1:9C:B4:CB:50:BC:03:19:C5:29:AC:1B:E2:39:F4:07:93:66:69
Authority key identifier: 4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92
Certificate issuer:       /CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
Certificate serial:       019356F7294AF6551ED2398507B6D7CA5C8C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
Manifest number:          0854
Signing time:             Sat 23 Nov 2024 03:00:58 +0000
Manifest this update:     Sat 23 Nov 2024 03:00:58 +0000
Manifest next update:     Sun 24 Nov 2024 03:00:58 +0000
Files and hashes:         1: TuwmeuLxv5Xm16FCCA5d96MTlJI.crl (hash: Wl7uaPFIw8LtgeFMJofHVK49mAZSlbq3sJGTOqjt4/g=)

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 24 Nov 2024 03:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:93:56:f7:29:4a:f6:55:1e:d2:39:85:07:b6:d7:ca:5c:8c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4eec267ae2f1bf95e6d7a142080e5df7a3139492
        Validity
            Not Before: Nov 23 03:00:58 2024 GMT
            Not After : Nov 24 03:00:58 2024 GMT
        Subject: CN=ebb19cb4cb50bc0319c529ac1be239f407936669
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:70:80:b3:b2:74:81:03:2f:cb:aa:42:75:7c:
                    a7:95:37:e2:c8:4d:b1:fc:92:0d:7f:70:69:13:cd:
                    9d:ec:8f:4a:6b:01:34:1e:e7:04:39:51:b2:e6:78:
                    96:36:22:33:00:82:75:41:5f:1e:20:fe:02:f3:64:
                    f7:d2:74:d2:a6:76:8f:4c:8d:c1:52:cc:11:50:4e:
                    dd:1f:d6:97:46:1b:e5:16:85:9c:bc:ed:64:0a:02:
                    97:42:4b:48:7a:a1:1c:7c:8a:22:a0:cd:b4:d8:4d:
                    12:26:14:ef:84:93:ef:4d:9c:8c:b6:cd:51:28:9c:
                    f8:81:d2:b3:2a:9b:16:75:80:b5:39:d7:75:be:f0:
                    5b:e1:42:ff:7c:ce:ee:d3:ed:d5:88:36:51:62:15:
                    12:e6:bc:e5:ea:b7:8b:37:27:77:62:5e:8d:98:55:
                    21:b2:82:01:c4:a6:6d:f6:48:ff:d7:63:7f:11:10:
                    1c:3a:5d:38:24:60:ea:5d:4e:f2:13:81:62:11:1f:
                    7a:98:63:87:96:5b:de:35:b7:0a:53:b9:88:64:77:
                    f8:e3:d5:b2:cc:85:80:94:b5:fb:44:6c:8b:ab:d0:
                    17:13:21:ec:66:25:f4:5c:5c:49:00:2b:83:af:73:
                    bd:cb:5b:89:99:3c:b5:da:94:08:a8:18:cf:a9:d4:
                    fa:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:B1:9C:B4:CB:50:BC:03:19:C5:29:AC:1B:E2:39:F4:07:93:66:69
            X509v3 Authority Key Identifier:
                keyid:4E:EC:26:7A:E2:F1:BF:95:E6:D7:A1:42:08:0E:5D:F7:A3:13:94:92

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuwmeuLxv5Xm16FCCA5d96MTlJI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/68b464-2460-4e53-ade3-6b96c8361265/1/TuwmeuLxv5Xm16FCCA5d96MTlJI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         08:41:45:73:75:d5:67:8f:e3:00:ae:8d:4e:76:32:f4:d6:09:
         35:46:36:a5:a6:13:2d:3c:fe:97:34:a4:69:20:8c:1e:35:13:
         09:2f:7d:59:e9:a5:e2:f0:3b:a9:20:f8:d0:b3:a2:42:f1:f9:
         d7:0e:e1:ac:95:c7:6f:bc:50:02:45:c0:84:de:06:a7:15:98:
         43:ff:30:af:84:e2:a7:4a:33:b0:e3:84:62:2f:b5:ee:15:9b:
         36:56:bd:ef:23:2a:45:f5:3a:d7:24:6d:32:e0:79:a6:93:c7:
         4f:1d:ec:0b:9c:2f:0a:7a:0c:3e:d6:a1:b6:af:a6:03:ed:9b:
         03:8f:6e:6b:49:62:ea:7c:0e:b1:1c:81:9e:b2:94:a6:6e:0a:
         09:e3:ab:7c:38:be:98:94:b9:a2:9e:f5:f0:50:28:ae:51:72:
         b7:93:5a:35:8e:03:e3:d9:ec:4d:e5:f1:dc:c6:15:a5:c6:98:
         a3:92:04:de:f2:46:68:f9:a8:ae:98:1e:57:a8:06:09:45:20:
         ee:5c:d9:4b:b8:43:ba:3f:43:ee:7b:39:d0:ec:b6:ee:34:46:
         a9:7e:58:47:8e:b7:13:7c:87:07:3c:58:b9:0b:08:cf:38:39:
         fd:7a:7e:fa:a7:0f:91:f9:80:01:09:e4:7f:5a:69:2f:e1:1a:
         10:c5:72:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZNW9ylK9lUe0jmFB7bXylyMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWMyNjdhZTJmMWJmOTVlNmQ3YTE0MjA4MGU1ZGY3YTMx
Mzk0OTIwHhcNMjQxMTIzMDMwMDU4WhcNMjQxMTI0MDMwMDU4WjAzMTEwLwYDVQQD
EyhlYmIxOWNiNGNiNTBiYzAzMTljNTI5YWMxYmUyMzlmNDA3OTM2NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3CAs7J0gQMvy6pCdXynlTfiyE2x
/JINf3BpE82d7I9KawE0HucEOVGy5niWNiIzAIJ1QV8eIP4C82T30nTSpnaPTI3B
UswRUE7dH9aXRhvlFoWcvO1kCgKXQktIeqEcfIoioM202E0SJhTvhJPvTZyMts1R
KJz4gdKzKpsWdYC1Odd1vvBb4UL/fM7u0+3ViDZRYhUS5rzl6reLNyd3Yl6NmFUh
soIBxKZt9kj/12N/ERAcOl04JGDqXU7yE4FiER96mGOHllveNbcKU7mIZHf449Wy
zIWAlLX7RGyLq9AXEyHsZiX0XFxJACuDr3O9y1uJmTy12pQIqBjPqdT63wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuxnLTLULwDGcUprBviOfQHk2ZpMB8GA1UdIwQY
MBaAFE7sJnri8b+V5tehQggOXfejE5SSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMt
NmI5NmM4MzYxMjY1LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS82OGI0NjQtMjQ2MC00ZTUzLWFkZTMtNmI5NmM4MzYxMjY1
LzEvVHV3bWV1THh2NVhtMTZGQ0NBNWQ5Nk1UbEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACEFFc3XV
Z4/jAK6NTnYy9NYJNUY2paYTLTz+lzSkaSCMHjUTCS99Weml4vA7qSD40LOiQvH5
1w7hrJXHb7xQAkXAhN4GpxWYQ/8wr4Tip0ozsOOEYi+17hWbNla97yMqRfU61yRt
MuB5ppPHTx3sC5wvCnoMPtahtq+mA+2bA49ua0li6nwOsRyBnrKUpm4KCeOrfDi+
mJS5op718FAorlFyt5NaNY4D49nsTeXx3MYVpcaYo5IE3vJGaPmorpgeV6gGCUUg
7lzZS7hDuj9D7ns50Oy27jRGqX5YR463E3yHBzxYuQsIzzg5/Xp++qcPkfmAAQnk
f1ppL+EaEMVytQ==
-----END CERTIFICATE-----